Jeva Technologies OPC ("Company", "we", "us", or "our") operates the NextGuro platform at nextguro.com ("Service"). This Privacy Policy explains what personal data we collect, how we use it, and the rights you have regarding your data.

We are committed to protecting your privacy in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations, as well as other applicable data protection laws.

1. Data We Collect

Information you provide directly

Account data: name, email address, school or institution name, country, and password when you register.
Profile data: grade level, subject area, and curriculum preferences you configure.
Billing data: payment card details and billing address processed securely through our third-party payment processor. We do not store full card numbers.
Support communications: messages, attachments, and other information you send us when requesting help.

Information generated through your use of the Service

AI prompts and inputs: the text, topics, and parameters you submit to generate lesson plans, quizzes, and visual aids.
Generated outputs: lesson plans, quizzes, and other content produced for your account.
Usage data: features used, actions taken, pages visited, generation history, and session duration.
Quiz session data: when you host a live quiz, we collect participation codes, aggregate response data, and session timestamps.

Information collected automatically

Device and browser data: IP address, browser type and version, operating system, device identifiers, and time zone.
Log data: server logs including access times, referring URLs, and error reports.
Cookies and similar technologies: see Section 9 for details.

2. How We Use Your Data

We use your personal data to:

Create and manage your account and authenticate your identity.
Provide, operate, and improve the Service and its AI features.
Process payments and send billing-related communications.
Send transactional emails (e.g., account confirmation, password reset).
Send product updates, tips, and marketing communications — you can opt out at any time.
Respond to support requests and investigate issues.
Detect and prevent fraud, abuse, and security threats.
Comply with legal obligations.
Analyze usage patterns to improve user experience and develop new features.

3. AI Processing and Third-Party AI Providers

To generate lesson plans, visual aids, and quizzes, your input prompts are sent to third-party AI model providers. These providers process your prompts on our behalf under data processing agreements. We take the following precautions:

We do not use your prompts or generated outputs to train any AI models — by us or by our providers.
Do not include personally identifiable information about students or third parties in your AI prompts.
Prompts and generated outputs may be temporarily cached or logged solely for quality assurance, error debugging, and abuse detection purposes, subject to our data retention limits.

4. Legal Bases for Processing

We process your personal data on the following legal bases under the Data Privacy Act of 2012:

Consent: for marketing communications, optional cookies, and any processing beyond what is strictly necessary to provide the Service.
Contract performance: to provide the Service you have subscribed to.
Legitimate interest: for security, fraud prevention, product analytics, and service improvement — where not overridden by your rights.
Legal obligation: to comply with applicable laws and regulatory requirements.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share it with:

Service providers: third parties who help us operate the Service (hosting, payment processing, AI model providers, email delivery, analytics) under data processing agreements that restrict their use of your data.
Business transfers: if Jeva Technologies OPC is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
Legal requirements: when required by law, court order, or government authority, or to protect the rights, property, or safety of the Company, our users, or the public.

6. Student Data

NextGuro is designed for educators, not students. We do not knowingly collect personal data from students under the age of 13. If you are a teacher using the Service in connection with students:

Do not enter student names, ID numbers, or other personally identifiable student information into AI generation prompts.
If you use our live quiz feature with students, you are responsible for obtaining any required parental or institutional consent under applicable law before having students participate.
Quiz participation data collected from students (aggregate responses, scores) is only accessible to the teacher who hosted the quiz and is not used for advertising.

If you believe we have inadvertently collected personal data from a minor, please contact us immediately at privacy@nextguro.com.

7. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide the Service. Specifically:

Account data: retained while your account is active and for up to 90 days after deletion to allow for account recovery, then permanently deleted.
Generated content: retained in your account until you delete it or close your account.
Billing records: retained for 7 years to comply with Philippine tax and accounting requirements.
AI prompt logs: retained for up to 30 days for security and quality assurance, then deleted or fully anonymized.
Usage analytics: retained in aggregated, anonymized form indefinitely.

8. Data Security

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

HTTPS encryption for all data in transit.
Encrypted storage of passwords using industry-standard hashing.
Access controls and least-privilege principles for internal systems.
Regular security reviews and vulnerability assessments.

No method of transmission or storage is 100% secure. In the event of a data breach that affects your rights, we will notify affected users and the National Privacy Commission (NPC) in accordance with Philippine law.

9. Cookies and Tracking Technologies

We use the following types of cookies:

Essential cookies: required for the Service to function (e.g., session authentication). These cannot be disabled.
Analytics cookies: help us understand how the Service is used so we can improve it. You may opt out via your browser settings or our cookie banner.
Preference cookies: remember your settings and customizations (e.g., curriculum format, region).

You can control cookies through your browser settings. Disabling non-essential cookies will not prevent you from using the core features of the Service.

10. Your Rights

Under the Philippine Data Privacy Act and other applicable laws, you have the right to:

Access: request a copy of the personal data we hold about you.
Correction: request that we correct inaccurate or incomplete data.
Erasure: request deletion of your personal data, subject to legal retention requirements.
Portability: receive your data in a structured, machine-readable format.
Object / withdraw consent: opt out of marketing communications or object to processing based on legitimate interest.
Lodge a complaint: file a complaint with the Philippine National Privacy Commission (NPC) at privacy.gov.ph .

To exercise your rights, contact us at privacy@nextguro.com. We will respond within 15 business days.

11. International Data Transfers

Our Service is hosted and operated with infrastructure that may be located outside the Philippines (e.g., cloud servers in the US or Asia-Pacific region). By using the Service, you consent to your data being transferred to and processed in these locations. We take appropriate safeguards (such as contractual clauses) to ensure your data receives adequate protection regardless of where it is processed.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice on the Service at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

13. Contact & Data Protection Officer

For any privacy-related questions, requests, or concerns, please contact us:

Company: Jeva Technologies OPC
Country: Philippines
Privacy email: privacy@nextguro.com
Website: nextguro.com